News

Eddie Bauer Hit with POS Data Breach

This week we hear about how Eddie Bauer was Hit with POS Data Breach and how a Trojan Uses TeamViewer to Spy on PCs in Europe, Russia and US.

Breach

Eddie Bauer Hit with POS Data Breach

The outdoor clothing store retailer, Eddie Bauer, was the latest victim of a point-of-sale malware that stole credit card information. Eddie Bauer has admitted that its 350 of its stores in the US and Canada may have been affected by the attack. The notice states the cardholder names, payment card numbers, security codes and expiration dates may have been extracted by the malware, but purchases over its online retail services were not affected.

Malware

Trojan Uses TeamViewer to Spy on PCs in Europe, Russia and US

Earlier versions of this Trojan exist, such as BackDoor.TeamViewer.49, but it only allowed them to spy on traffic by downloading a malicious library that’s installed on the target machine. However, the latest version uses the TeamViewer application itself to spy on the victim, but also steals information by having the Trojan load a malicious library with the same name TeamViewer would normally load, and disabling any error messages that appear.

The geographical areas in which the Trojan is targeting seems to be shifting. For example, it was targeting systems in Britain and Spain, but now is moving to the US in August. Additionally, there have been reports of it in Russia.

Netflow traffic may also reveal large data transfers and potential data leakage

Top 20 IP Addresses

185.129.148.19

194.67.210.183

185.51.247.211

46.109.168.179

93.174.91.49

81.183.56.217

93.184.220.29

213.205.40.169

188.118.2.26

178.32.92.113

80.150.6.138

87.222.67.194

118.170.130.207

112.140.42.29

93.174.93.136

208.71.106.48

195.130.132.84

220.181.87.80

114.44.192.128

94.102.49.174

*IP addresses provided by Recorded Future.

Contact Us

SCHEDULE A DEMO

Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.